The Department of the Interior is admitting that records in Indian probate cases were exposed on the public internet.

In a statement on Friday, the department said records from 26 cases were exposed between December 13, 2019, and January 15, 2021. Information for about 238 individual Indians were affected.

“We deeply regret this incident and any inconvenience to those who may have been impacted,” the statement read. “We are committed to protecting the privacy of individuals, providing resources to those who have been affected, and ensuring this type of incident does not occur again.”

According to the statement, the information was exposed as a result of a “misconfigured setting” on the department’s website. Interior claims the incident was “not a cyber-attack.”

The setting affected searches conducted on the Office of Hearings and Appeals (OHA) website. According to Interior, the misconfiguration only impacted Indian probate hearings and appeals — not any other types of cases.

“The issue that led to this incident has been resolved and Interior is working to review processes and protocols to identify any further corrective actions and implement additional safeguards to enhance security and protect the privacy of individuals,” the department said.

As of Friday afternoon, the search function on the OHA site remains offline.

“On January 14, 2021, the Department of the Interior’s Office of Hearings and Appeals (OHA) discovered a data breach on its Search Decisions website that supports historical searches on publicly available decisions. OHA immediately took the Search Decisions website offline and initiated an investigation. The incident was determined to be the result of a misconfiguration and was not a cyber-attack. It involved an undetected software misconfiguration that allowed a limited number of records related to Indian probate hearings and appeals proceedings to be disclosed when searches were conducted on the site.

“OHA is working with Department offices to conduct a thorough investigation that includes technical evaluations of system configurations, logs, and an in-depth assessment of case files and data elements to assess the risks to potentially affected individuals. These assessments include extensive coordination with multiple offices and the technical issues will be resolved prior to making the Search Decisions website available to the public.

“We have determined that due to the misconfigured setting, searches conducted on the Search Decisions website between December 13, 2019, and January 15, 2021 may have permitted unauthorized access to documents that contained the personally identifiable information of parties involved in Indian probate hearings and appeals proceedings. Based on current findings, OHA identified 26 cases that may have been accessed that contain records of approximately 238 affected individuals.

“We deeply regret this incident and any inconvenience to those who may have been impacted. We are committed to protecting the privacy of individuals, providing resources to those who have been affected, and ensuring this type of incident does not occur again. OHA will notify the affected individuals and include an offer of identity protection services at no cost to them as soon as practicable after the final technical evaluation. Any additional affected individuals who are identified during our investigation will also receive notification and support services.

“The issue that led to this incident has been resolved and Interior is working to review processes and protocols to identify any further corrective actions and implement additional safeguards to enhance security and protect the privacy of individuals.”